1# SPDX-License-Identifier: LGPL-2.1-or-later 2# 3# This file is part of systemd. 4# 5# systemd is free software; you can redistribute it and/or modify it 6# under the terms of the GNU Lesser General Public License as published by 7# the Free Software Foundation; either version 2.1 of the License, or 8# (at your option) any later version. 9 10[Unit] 11Description=Time & Date Service 12Documentation=man:systemd-timedated.service(8) 13Documentation=man:localtime(5) 14Documentation=man:org.freedesktop.timedate1(5) 15 16[Service] 17BusName=org.freedesktop.timedate1 18CapabilityBoundingSet=CAP_SYS_TIME 19DeviceAllow=char-rtc r 20ExecStart={{ROOTLIBEXECDIR}}/systemd-timedated 21IPAddressDeny=any 22LockPersonality=yes 23MemoryDenyWriteExecute=yes 24NoNewPrivileges=yes 25PrivateTmp=yes 26ProtectProc=invisible 27ProtectControlGroups=yes 28ProtectHome=yes 29ProtectHostname=yes 30ProtectKernelLogs=yes 31ProtectKernelModules=yes 32ProtectKernelTunables=yes 33ProtectSystem=strict 34ReadWritePaths=/etc 35RestrictAddressFamilies=AF_UNIX 36RestrictNamespaces=yes 37RestrictRealtime=yes 38RestrictSUIDSGID=yes 39SystemCallArchitectures=native 40SystemCallErrorNumber=EPERM 41SystemCallFilter=@system-service @clock 42{{SERVICE_WATCHDOG}} 43